$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141602.roa File: AS141602.roa (raw, json) Hash identifier: LPlwhqeZvCvzxWvVndG4NOdn83i7yqTV2cUiVj0tp/k= Subject key identifier: C3:20:E5:6E:3F:7A:CE:BA:BC:69:AD:CA:52:7F:44:59:27:2B:16:92 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7D264560BE8357074EE5BB7F732849277094183A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141602.roa Signing time: Mon 05 May 2025 07:00:00 +0000 ROA not before: Mon 05 May 2025 06:55:00 +0000 ROA not after: Mon 04 May 2026 07:00:00 +0000 asID: 141602 IP address blocks: 2401:3a0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 06:20:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:26:45:60:be:83:57:07:4e:e5:bb:7f:73:28:49:27:70:94:18:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 5 06:55:00 2025 GMT Not After : May 4 07:00:00 2026 GMT Subject: CN=C320E56E3F7ACEBABC69ADCA527F4459272B1692 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:bc:af:39:0e:8b:a2:4f:9a:df:8d:9d:02:85: 20:c8:cf:e8:fe:18:4d:9e:1f:01:ab:86:67:4a:1a: b9:a5:60:4d:62:3a:5d:e2:f5:d0:61:0a:09:c0:22: 3c:23:87:06:04:16:e0:f6:62:80:01:3f:50:98:17: b5:40:91:3e:ac:16:a4:99:bd:01:7d:bc:fb:40:7f: 6e:39:37:79:fd:a2:d9:0c:47:a6:59:8e:60:73:48: 7b:f4:cc:1b:63:5f:0e:d4:a5:2e:89:c8:09:a5:4f: 29:7b:11:8d:d4:52:31:95:6a:31:55:6c:05:ee:39: 1e:88:e7:55:4d:e7:03:97:71:61:2e:b2:bd:1e:6c: cb:ec:24:3d:6b:dd:b5:31:55:01:f7:ab:9b:ce:ec: 96:5a:ff:f8:3e:d9:7a:7a:dc:91:99:52:e7:91:6d: 10:6b:28:89:cd:c9:80:03:ac:7b:b6:db:d5:c9:4b: ea:6c:42:c1:4f:77:3a:46:5f:24:e7:21:fc:78:40: 9b:87:d9:26:13:88:6d:6f:6a:67:6b:4f:cb:8d:be: 8b:6e:b2:ff:d7:e3:fb:64:11:d9:45:1d:d1:a6:05: 45:3a:4d:8e:d4:c2:ca:62:6c:48:4d:8a:9a:41:d8: 10:8a:a9:ad:74:b7:db:c7:f3:2f:2a:6c:bd:c0:c7: 7e:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:20:E5:6E:3F:7A:CE:BA:BC:69:AD:CA:52:7F:44:59:27:2B:16:92 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141602.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:3a0::/32 Signature Algorithm: sha256WithRSAEncryption 62:8f:2c:d7:fe:97:87:60:d6:24:85:58:15:b6:0f:3b:e2:68: 44:46:4f:14:a7:4b:eb:35:c0:67:c8:ec:6a:8f:b5:0a:7a:ee: 60:64:83:71:6e:55:08:4a:1f:7a:f6:b4:55:2b:c8:cf:4a:3f: 17:db:a7:fa:c4:2e:2b:0e:7a:1e:0c:c2:1e:68:4a:07:5c:74: c8:4e:2f:94:b5:b3:8f:1d:e4:3f:20:0c:46:1b:e9:f5:48:c1: 7d:43:45:28:6f:81:22:dd:1d:ab:7f:8e:b2:cf:e9:cb:0a:93: aa:c9:17:3b:c5:03:48:18:92:16:78:1e:38:7f:e5:af:a3:07: 9e:33:93:73:4b:c7:1c:f5:e7:ab:9b:b5:25:cb:42:69:f0:03: 5c:66:7a:fe:88:35:94:05:6d:dd:45:c7:a0:68:ed:6c:c3:bd: 0f:37:0a:1f:45:5d:ca:a7:f9:d7:00:8e:03:89:1e:33:35:e8: e4:f4:7d:16:bb:d7:dd:46:36:c8:eb:8f:7a:bf:be:4a:d9:60: fe:d6:4e:2e:35:d6:97:59:a4:8a:52:12:44:db:f9:19:f6:19: a0:41:be:fe:bc:e5:a1:ef:4d:9b:f1:b6:3e:37:8f:c2:c1:1e: 2d:42:ee:8f:c9:04:6a:e3:04:bf:2d:e2:23:db:f5:6a:16:d2: dd:0e:17:98 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUfSZFYL6DVwdO5bt/cyhJJ3CUGDowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUwNTA2NTUwMFoX DTI2MDUwNDA3MDAwMFowMzExMC8GA1UEAxMoQzMyMEU1NkUzRjdBQ0VCQUJDNjlB RENBNTI3RjQ0NTkyNzJCMTY5MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN+8rzkOi6JPmt+NnQKFIMjP6P4YTZ4fAauGZ0oauaVgTWI6XeL10GEKCcAi PCOHBgQW4PZigAE/UJgXtUCRPqwWpJm9AX28+0B/bjk3ef2i2QxHplmOYHNIe/TM G2NfDtSlLonICaVPKXsRjdRSMZVqMVVsBe45HojnVU3nA5dxYS6yvR5sy+wkPWvd tTFVAferm87sllr/+D7ZenrckZlS55FtEGsoic3JgAOse7bb1clL6mxCwU93OkZf JOch/HhAm4fZJhOIbW9qZ2tPy42+i26y/9fj+2QR2UUd0aYFRTpNjtTCymJsSE2K mkHYEIqprXS328fzLypsvcDHfi0CAwEAAaOCAdEwggHNMB0GA1UdDgQWBBTDIOVu P3rOurxprcpSf0RZJysWkjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTYwMi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQBA6AwDQYJKoZIhvcNAQELBQADggEBAGKPLNf+l4dg1iSFWBW2 DzviaERGTxSnS+s1wGfI7GqPtQp67mBkg3FuVQhKH3r2tFUryM9KPxfbp/rELisO eh4Mwh5oSgdcdMhOL5S1s48d5D8gDEYb6fVIwX1DRShvgSLdHat/jrLP6csKk6rJ FzvFA0gYkhZ4Hjh/5a+jB54zk3NLxxz156ubtSXLQmnwA1xmev6INZQFbd1Fx6Bo 7WzDvQ83Ch9FXcqn+dcAjgOJHjM16OT0fRa7191GNsjrj3q/vkrZYP7WTi411pdZ pIpSEkTb+Rn2GaBBvv685aHvTZvxtj43j8LBHi1C7o/JBGrjBL8t4iPb9WoW0t0O F5g= -----END CERTIFICATE-----Generated at Mon Jun 2 06:13:54 2025 by rpki-client